wesnoth (1.2.6-1ubuntu2.2) gutsy-security; urgency=low * SECURITY UPDATE: Do not allow '../' in file paths. It allowed others to view the content of files in the remote computers. * debian/patches/CVE-2007-5742: added, taken from upstream SVN r21904. * References: CVE-2007-5742. LP: #172783.
-- Emilio Pozuelo Monfort <[EMAIL PROTECTED]> Sun, 02 Dec 2007 21:30:03 +0100 ** Changed in: wesnoth (Ubuntu Gutsy) Status: Fix Committed => Fix Released ** Changed in: wesnoth (Ubuntu Feisty) Status: Fix Committed => Fix Released ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2007-3917 -- wesnoth exploit allows others to view the content of files on a remote computer https://bugs.launchpad.net/bugs/172783 You received this bug notification because you are a member of Ubuntu Bugs, which is the bug contact for Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs